On Fri, Jun 13, 2008 at 12:41 PM, Merton Campbell Crockett <m.c.crockett@xxxxxxxxxxxxxx> wrote: > Looking at the Apache access log, it's clear that Apache is processing a lot > of requests from systems probing for vulnerabilities. Rather than have > Apache process the request, I would like to immediately reject all requests > with a 503, Service Unavailable, status. Can I ask: Why? Apache has to process the request one way or the other in order to send back an error response. What's the difference if the error response is a 404 or a 503? > > Can this be done with a series of RewriteCond statements specifying each of > the permitted strings followed by a RewriteRule that rejects the request and > terminates processing? Is there a better way of accomplishing this? Yes, you could do this with mod_rewrite, but I don't see the point. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|